London Daily

Focus on the big picture.
Friday, Jul 04, 2025

Russia, China Hackers Boost Election Attacks, Microsoft Says

Russia, China Hackers Boost Election Attacks, Microsoft Says

Russian, Chinese and Iranian hackers have stepped up efforts to disrupt the U.S. election by targeting the campaigns of President Donald Trump and Democratic nominee Joe Biden, a Microsoft Corp. investigation found.

Cyber-attacks have also been aimed at political parties, advocacy groups, academics and leaders in the international affairs community, according to a blog post Thursday from Tom Burt, corporate vice president of customer security and trust at Microsoft.

SKDKnickerbocker, a public affairs and political consulting firm working with Biden’s campaign, was also recently targeted in an unsuccessful hack by suspected Russian state-backed hackers, according to a Thursday report by Reuters, which said that Microsoft had alerted the firm.

The attempted hack on SKDKnickerbocker reflects a broader trend documented by Microsoft: that a Russia-based group had attacked “political campaigns, advocacy groups, parties and political consultants.”

Attempts by foreign adversaries to disrupt the Nov. 3 presidential election echo the efforts by Russia in 2016 to meddle in the campaign on Trump’s behalf. The president is trailing Biden in the 2020 race by more than 7 percentage points in a national average of polls.

The findings emerged hours after the U.S. sanctioned Andrii Derkach, a Ukrainian lawmaker who met with Trump’s personal lawyer last year, alleging he’s a Russian agent trying to influence the 2020 election.

Microsoft’s report also came a day after a Homeland Security Department official alleged that Trump administration appointees suppressed intelligence on Russian election interference while promoting China as the prime threat.

Microsoft reported that about 200 organizations directly or indirectly tied to the U.S. election and political organizations in Europe were affected by a Russian-operated group, called Strontium, including U.S.-based consultants serving Republicans and Democrats.

The same group was also identified in the report by Special Counsel Robert Mueller as being responsible for the attacks on the Democratic presidential campaign in 2016, according to Microsoft. Strontium is also known as APT28, or Fancy Bear.

Microsoft also reported unsuccessful cyber-attacks from Iran on people associated with the Trump campaign, and attempted attacks from China on people associated with the Biden campaign, as well as a “prominent” individual formerly associated with the Trump administration. The people who were targeted weren’t named.

The Chinese group, referred to as Zirconium, has mounted thousands of attacks from March through September on campaign officials as well as prominent academics and others in international affairs.

Of those attempts, about 150 were successful breaches, but Microsoft didn’t identify the victims other than to say they weren’t associated with the presidential campaigns.

According to John Hultquist, who serves as the senior director of analysis at cybersecurity firm FireEye Inc.’s Mandiant, the recent Russian activity poses the greatest threat to the election.

“It’s likely Iranian and Chinese actors targeted US campaigns to quietly collect intelligence, but APT28’s unique history raises the prospect of follow-on information operations or other devastating activity,” he said.

Microsoft’s findings echo those of U.S. government officials.

”Our adversaries are continuously looking for vulnerable U.S. networks to exploit, and networks associated with political organizations and campaigns are no exception,” the Federal Bureau of Investigation said in a statement on Thursday.

In August, William Evanina, head of the National Counterintelligence and Security Center, said Russia, China and Iran are trying to “use covert and overt influence measures in their attempts to sway U.S. voters’ preferences and perspectives, shift U.S. policies, increase discord in the United States, and undermine the American people’s confidence in our democratic process.”

And on Wednesday, Chad Wolf, acting secretary of the Department of Homeland Security, said “the governments of China, Iran and Russia target our election systems, each with its own separate and nefarious motives and tactics.”


‘Stepped Up’


The recent attacks reveal that “foreign activity groups have stepped up their efforts targeting the 2020 election,” according to Microsoft. “What we’ve seen is consistent with previous attack patterns that not only target candidates and campaign staffers but also those who they consult on key issues.”

The majority of attacks were detected and stopped by security tools built into Microsoft’s software, Burt said.

Foreign groups used tactics including rotating IP addresses to disguise attacks, web bugs planted in purchased domain names and phishing, in an effort to harvest log-in credentials and gain information on targeted individuals and organizations.

Phishing attacks can be for routine espionage against campaigns or, in some cases, to conduct hack and leak operations -- a key feature in Russia’s campaign to help Trump and hurt Hillary Clinton in 2016.

Disinformation experts are on high alert for strategic leaks of real or fabricated documents in the weeks ahead of election day, as a foreign influence tactic that could significantly harm a candidate’s chances, particularly if there isn’t enough time for them to adequately respond.

“We disclose attacks like these because we believe it’s important the world knows about threats to democratic processes,” Burt said. He also said more federal funding is needed in the U.S. so states can better protect their election infrastructure.

The Office of the Director of National Intelligence said in a statement Thursday that the “private sector plays a crucial role” in safeguarding elections and national security.

“We welcome their assistance and will continue partnering with them to combat foreign efforts to target political candidates, campaigns and others involved in the U.S. elections,” according to the statement.

Newsletter

Related Articles

0:00
0:00
Close
DJI Launches Heavy-Duty Coaxial Quadcopter with 80 kg Lift Capacity
U.S. Senate Approves Major Legislation Dubbed the 'Big Beautiful Bill'
Largest Healthcare Fraud Takedown in U.S. History Announced by DOJ
Poland Implements Border Checks Amid Growing Migration Tensions
Political Dispute Escalates Between Trump and Musk
Emirates Airline Expands Market Share with New $20 Million Campaign
Amazon Reaches Milestone with Deployment of One Millionth Robot
US Senate Votes to Remove AI Regulation Moratorium from Domestic Policy Bill
Yulia Putintseva Calls for Spectator Ejection at Wimbledon Over Safety Concerns
Jury Deliberations in Diddy Trial Yield Partial Verdict in Serious Criminal Charges
House Oversight Committee Subpoenas Former Jill Biden Aide Amid Investigation into Alleged Concealment of President Biden's Cognitive Health
King Charles Plans Significant Role for Prince Harry in Coronation
Two Chinese Nationals Arrested for Espionage Activities Against U.S. Navy
Amazon Reaches Major Automation Milestone with Over One Million Robots
Extreme Heat Wave Sweeps Across Europe, Hitting Record Temperatures
Meta Announces Formation of Ambitious AI Unit, Meta Superintelligence Labs
Robots Compete in Football Tournament in China Amid Injuries
Trump Administration Considers Withdrawal of Funding for Hospitals Providing Gender Treatment to Minors
Texas Enacts Law Allowing Gold and Silver Transactions
China Unveils Miniature Insect-Like Surveillance Drone
OpenAI Secures Multimillion-Dollar AI Contracts with Pentagon, India, and Grab
Marc Marquez Claims Victory at Dutch Grand Prix Amidst Family Misfortune
Germany Votes to Suspend Family Reunification for Asylum Seekers
Elon Musk Critiques Senate Budget Proposal Over Job Losses and Strategic Risks
Los Angeles Riots ended with Federal Investigations into Funding
Budapest Pride Parade Draws 200,000 Participants Amid Government Ban
Southern Europe Experiences Extreme Heat
Xiaomi's YU7 SUV Launch Garners Record Pre-Orders Amid Market Challenges
Jeff Bezos and Lauren Sanchez's Lavish Wedding in Venice
Russia Launches Largest Air Assault on Ukraine Since Invasion
Education Secretary Announces Overhaul of Complaints System Amid Rising Parental Grievances
Massive Anti-Government Protests Erupt in Belgrade
Trump Ends Trade Talks with Canada Over Digital Services Tax
UK Government Softens Welfare Reform Plans Amid Labour Party Rebellion
Labour Faces Rebellion Over Disability Benefit Reforms Ahead of Key Vote
Jeff Bezos and Lauren Sánchez Host Lavish Wedding in Venice Amid Protests
Trump Asserts Readiness for Further Strikes on Iran Amid Nuclear Tensions
North Korea to Open New Beach Resort to Boost Tourism Economy
UK Labour Party Faces Internal Tensions Over Welfare Reforms
Andrew Cuomo Hints at Potential November Comeback Amid Democratic Primary Results
Curtis Sliwa Champions His Vision for New York City Amid Rising Crime Concerns
Federal Reserve Proposes Changes to Capital Rule Affecting Major Banks
EU TO HUNGARY: LET THEM PRIDE OR PREP FOR SHADE. ORBÁN TO EU: STAY IN YOUR LANE AND FIX YOUR OWN MESS.
Trump Escalates Criticism of Media Over Iran Strike Coverage
Trump Announces Upcoming US-Iran Meeting Amid Controversial Airstrikes
Trump Moves to Reshape Middle East Following Israel-Iran Conflict
Big Four Accounting Firms Fined in Exam Cheating Scandal
NATO Members Agree to 5% Defense Spending Target by 2035
Australia's Star Casino Secures $195 Million Rescue Package Amid Challenges
UK to Enhance Nuclear Capabilities with Acquisition of F-35A Fighter Jets
×